faulkie Posted March 28, 2017 Share Posted March 28, 2017 Hello, I'm wondering if anyone from the UK has been testing the bash bunny in the UK? I have found a large portion of the example payloads to fail. If I start to dig they seem to fall around any PowerShell command or ducky script involving slashes. As a ducky owner I did find that compiling with GB parameters did solve that problem, but moving forward on the bunny do we have a more general solution? Of course I'm making a guess that this is localized to the UK based on no one else mentioning. I've not added samples or examples at this point unless ask as the issue seems to widespread. Link to comment Share on other sites More sharing options...
CyberML Posted March 28, 2017 Share Posted March 28, 2017 Hi. I have the same problem in austria. Link to comment Share on other sites More sharing options...
jjd Posted March 28, 2017 Share Posted March 28, 2017 possibly the same issue in Canada? although my pc language is set to US is this what you guys are experiencing? Link to comment Share on other sites More sharing options...
Blix Posted March 28, 2017 Share Posted March 28, 2017 Possible problem: since the HID mode emulates a physical keyboard with 101 keys (US ANSI standard) and many other countries have the 102 keys ISO standard, it is not only a matter of changing the keyboard mapping. This may be a global problem, Hak5 can you respond with advice? It may be unsolvable? /Blix Link to comment Share on other sites More sharing options...
Sebkinne Posted March 28, 2017 Share Posted March 28, 2017 It is solvable by selecting a different language. Please search these forums, there are already guides on how to do this. In the next firmware upgrade, we will make this process a lot easier. Link to comment Share on other sites More sharing options...
Blix Posted March 29, 2017 Share Posted March 29, 2017 I am a client of yours, thank you for this support. But these guides you are referring to collectively say that certain characters (that are always needed in the scripts) can not be generated for non US target systems. Have I misunderstood this? The only partial solution I have seen works only for windows and that takes time and involves setting the target system language to US and then back. There is no solution for OS X, and the one for windows is not optimal. Can you confirm what you are stating above that we can just change language and these new maps can generate all characters? /Blix Link to comment Share on other sites More sharing options...
Sebkinne Posted March 29, 2017 Share Posted March 29, 2017 56 minutes ago, Blix said: I am a client of yours, thank you for this support. But these guides you are referring to collectively say that certain characters (that are always needed in the scripts) can not be generated for non US target systems. Have I misunderstood this? The only partial solution I have seen works only for windows and that takes time and involves setting the target system language to US and then back. There is no solution for OS X, and the one for windows is not optimal. Can you confirm what you are stating above that we can just change language and these new maps can generate all characters? /Blix Yes, you can remap the language files. We'll let you know more in the next couple of days. Link to comment Share on other sites More sharing options...
Xuneneko Posted March 30, 2017 Share Posted March 30, 2017 looking forward to this. For some reason i simply cant get the bunny to work with german keyboards layout Link to comment Share on other sites More sharing options...
Blix Posted March 30, 2017 Share Posted March 30, 2017 We really need a fast and good solution to the language and keyboards compatibility problem. Link to comment Share on other sites More sharing options...
Blix Posted April 2, 2017 Share Posted April 2, 2017 On 2017-03-29 at 8:05 AM, Sebkinne said: Yes, you can remap the language files. We'll let you know more in the next couple of days. Hi, is there an ETA on the new language support mentioned here? What will become more clear on a few Days? Link to comment Share on other sites More sharing options...
faulkie Posted April 7, 2017 Author Share Posted April 7, 2017 I see some language bunny updates have been added;-). I did have a temp fix that I put in replacing the us.json so ill take a look at these tonight and have a play ;-) Link to comment Share on other sites More sharing options...
Razor303.jc Posted July 6, 2019 Share Posted July 6, 2019 Hi, I've just got my bash bunny (Delivered 02-07-2019 ish....) been messing around with the little 👾 on and off for a few days now, not online yet but can ssh in, updated the firmware to 16 beta having great fun with HID on my Linux box using i3wm automating stuff... Now on a mission to get bash bunny's internet working so I can apt update, apt install, knock out code & git clone my little head off... Any help getting bash bunny up and running much appreciated 🤔 What to do next...... root@bunny:~# ping -q -c 1 -W 1 8.8.8.8 PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data. --- 8.8.8.8 ping statistics --- 1 packets transmitted, 0 received, +1 errors, 100% packet loss, time 0ms root@bunny:~# ping -q -c 1 -W 1 google.com ping: unknown host google.com root@bunny:~# case "$(curl -s --max-time 2 -I http://google.com | sed 's/^[^ ]* *\([0-9]\).*/\1/; 1q')" in > [23]) echo "HTTP connectivity is up";; > 5) echo "The web proxy won't let us through";; > *) echo "The network is down or very slow";; > esac The network is down or very slow root@bunny:~# ip -s link show usb0 7: usb0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 5a:00:00:5a:5a:00 brd ff:ff:ff:ff:ff:ff RX: bytes packets errors dropped overrun mcast 63771 790 0 0 0 0 TX: bytes packets errors dropped carrier collsns 64700 687 0 0 0 0 root@bunny:~# ifconfig lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:156 errors:0 dropped:0 overruns:0 frame:0 TX packets:156 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:14488 (14.1 KiB) TX bytes:14488 (14.1 KiB) usb0 Link encap:Ethernet HWaddr 5a:00:00:5a:5a:00 inet addr:172.16.64.1 Bcast:172.16.64.255 Mask:255.255.255.0 inet6 addr: fe80::5800:ff:fe5a:5a00/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:823 errors:0 dropped:0 overruns:0 frame:0 TX packets:717 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:65931 (64.3 KiB) TX bytes:67638 (66.0 KiB) Link to comment Share on other sites More sharing options...
GuitarGuy Posted October 4, 2020 Share Posted October 4, 2020 On 7/6/2019 at 11:26 AM, Razor303.jc said: Hi, I've just got my bash bunny (Delivered 02-07-2019 ish....) been messing around with the little 👾 on and off for a few days now, not online yet but can ssh in, updated the firmware to 16 beta having great fun with HID on my Linux box using i3wm automating stuff... Now on a mission to get bash bunny's internet working so I can apt update, apt install, knock out code & git clone my little head off... Any help getting bash bunny up and running much appreciated 🤔 What to do next...... root@bunny:~# ping -q -c 1 -W 1 8.8.8.8 PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data. --- 8.8.8.8 ping statistics --- 1 packets transmitted, 0 received, +1 errors, 100% packet loss, time 0ms root@bunny:~# ping -q -c 1 -W 1 google.com ping: unknown host google.com root@bunny:~# case "$(curl -s --max-time 2 -I http://google.com | sed 's/^[^ ]* *\([0-9]\).*/\1/; 1q')" in > [23]) echo "HTTP connectivity is up";; > 5) echo "The web proxy won't let us through";; > *) echo "The network is down or very slow";; > esac The network is down or very slow root@bunny:~# ip -s link show usb0 7: usb0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000 link/ether 5a:00:00:5a:5a:00 brd ff:ff:ff:ff:ff:ff RX: bytes packets errors dropped overrun mcast 63771 790 0 0 0 0 TX: bytes packets errors dropped carrier collsns 64700 687 0 0 0 0 root@bunny:~# ifconfig lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:156 errors:0 dropped:0 overruns:0 frame:0 TX packets:156 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:14488 (14.1 KiB) TX bytes:14488 (14.1 KiB) usb0 Link encap:Ethernet HWaddr 5a:00:00:5a:5a:00 inet addr:172.16.64.1 Bcast:172.16.64.255 Mask:255.255.255.0 inet6 addr: fe80::5800:ff:fe5a:5a00/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:823 errors:0 dropped:0 overruns:0 frame:0 TX packets:717 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:65931 (64.3 KiB) TX bytes:67638 (66.0 KiB) Im having this exact same issue! Hak5 PLEASE help. i also posted a github help request in bashbunny-payloads Link to comment Share on other sites More sharing options...
Irukandji Posted October 4, 2020 Share Posted October 4, 2020 1 hour ago, GuitarGuy said: Im having this exact same issue! Hak5 PLEASE help. i also posted a github help request in bashbunny-payloads I don't know if it's the same issue... https://github.com/hak5/bashbunny-payloads/issues/425 I don't know if they where running kali linux... Link to comment Share on other sites More sharing options...
chrizree Posted October 4, 2020 Share Posted October 4, 2020 GuitarGuy has written both posts (here and GitHub) Link to comment Share on other sites More sharing options...
chrizree Posted October 4, 2020 Share Posted October 4, 2020 This works for me... With no Bash Bunny plugged in, run bb.shsudo bash ./bb.sh or just sudo ./bb.sh (sudo not needed on Kali if you run as "in the old days", i.e. default to use root all the time) Run the setup if it hasn't been run on the particular PC before[G]uided setup (recommended) Plug in the Bash Bunny in step 3 After the setup is done, unplug the Bunny and run bb.sh again Then select (this is most likely the step that you have missed doing)[C]onnect using saved settings Plug the Bunny in You will get the "Cloud>PC>Bunny" Ascii art after a short while which tells that you are ready to go Now ssh into the Bunny Try to ping (1.1.1.1 or www.google.com), networking/internet access from the Bunny should now work --- Note that the bb.sh script "messes up" your iptables rules that most likely makes it impossible to access the internet (or network) from the PC after the Bash Bunny session has ended. BE SURE that you know what you are doing if you have other "non default" iptables rules configured! The rules that are added is viewable in the bb.sh script. Just search for iptables in the script file and you will find them all. To mitigate this, you need to delete the iptables rules that bb.sh has added. A reboot of the PC should do the job as well, but perhaps you want to use the PC without rebooting after the Bunny session has finished. Run the following to get the rule line number (you may need to disable networking)sudo iptables -L FORWARD --line-numbers Identify the line number for the rule that is about to be deleted and then delete the rule, for example, use the below command if the rule has number 1sudo iptables -D FORWARD 1 (do the above twice since bb.sh adds 2 forwarding rules) Also delete the postrouting nat rule that bb.sh addssudo iptables -t nat -v -L POSTROUTING -n --line-numbersudo iptables -t nat -D POSTROUTING <rule number> Link to comment Share on other sites More sharing options...
GuitarGuy Posted October 5, 2020 Share Posted October 5, 2020 3 hours ago, chrizree said: This works for me... With no Bash Bunny plugged in, run bb.shsudo bash ./bb.sh or just sudo ./bb.sh (sudo not needed on Kali if you run as "in the old days", i.e. default to use root all the time) Run the setup if it hasn't been run on the particular PC before[G]uided setup (recommended) Plug in the Bash Bunny in step 3 After the setup is done, unplug the Bunny and run bb.sh again Then select (this is most likely the step that you have missed doing)[C]onnect using saved settings Plug the Bunny in You will get the "Cloud>PC>Bunny" Ascii art after a short while which tells that you are ready to go Now ssh into the Bunny Try to ping (1.1.1.1 or www.google.com), networking/internet access from the Bunny should now work --- Note that the bb.sh script "messes up" your iptables rules that most likely makes it impossible to access the internet (or network) from the PC after the Bash Bunny session has ended. BE SURE that you know what you are doing if you have other "non default" iptables rules configured! The rules that are added is viewable in the bb.sh script. Just search for iptables in the script file and you will find them all. To mitigate this, you need to delete the iptables rules that bb.sh has added. A reboot of the PC should do the job as well, but perhaps you want to use the PC without rebooting after the Bunny session has finished. Run the following to get the rule line number (you may need to disable networking)sudo iptables -L FORWARD --line-numbers Identify the line number for the rule that is about to be deleted and then delete the rule, for example, use the below command if the rule has number 1sudo iptables -D FORWARD 1 (do the above twice since bb.sh adds 2 forwarding rules) Also delete the postrouting nat rule that bb.sh addssudo iptables -t nat -v -L POSTROUTING -n --line-numbersudo iptables -t nat -D POSTROUTING <rule number> okay so i deleted all the rules added by the bb.sh script, i do have docker running however in iptables... tried the bb.sh script again... essentially regenerated the iptable rules. ssh'd into bash bunny, ping 1.1.1.1 and www.google.com and STILL nothing! and yes i did use the (C)onnect flag in the bb.sh both before and after... im genuinely baffled?? Link to comment Share on other sites More sharing options...
GuitarGuy Posted October 5, 2020 Share Posted October 5, 2020 1 hour ago, GuitarGuy said: okay so i deleted all the rules added by the bb.sh script, i do have docker running however in iptables... tried the bb.sh script again... essentially regenerated the iptable rules. ssh'd into bash bunny, ping 1.1.1.1 and www.google.com and STILL nothing! and yes i did use the (C)onnect flag in the bb.sh both before and after... im genuinely baffled?? heres a photo of the advanced network config Link to comment Share on other sites More sharing options...
chrizree Posted October 5, 2020 Share Posted October 5, 2020 If possible, I would suggest that you verify it all in a "clean" environment. I.e. in an OS installed in an ordinary fashion, no Docker container or virtual environment. Just to rule out the fact that there might be some problem with the Bunny itself. If that works, I would then start to hunt down issues in the Docker implementation. Link to comment Share on other sites More sharing options...
GuitarGuy Posted October 5, 2020 Share Posted October 5, 2020 6 hours ago, chrizree said: If possible, I would suggest that you verify it all in a "clean" environment. I.e. in an OS installed in an ordinary fashion, no Docker container or virtual environment. Just to rule out the fact that there might be some problem with the Bunny itself. If that works, I would then start to hunt down issues in the Docker implementation. i mean i really dont want to have to reinstall kali and all my other usermade tools again?! Link to comment Share on other sites More sharing options...
GuitarGuy Posted October 5, 2020 Share Posted October 5, 2020 i have another problem...yaaaay i dual booted into windows and got an internet connection... trying to install the metasploit dependancies and get this ... root@bunny:~# apt -y install screen autoconf bison build-essential curl git-core libapr1 libaprutil1 libcurl4-openssl-dev libgmp3-dev libpcap-dev libpq-dev libreadline6-dev libsqlite3-dev libssl-dev libsvn1 libtool libxml2 libxml2-dev libxslt-dev libyaml-dev locate ncurses-dev openssl wget xsel zlib1g zlib1g-dev ruby-dev Reading package lists... Done Building dependency tree Reading state information... Done Note, selecting 'libxslt1-dev' instead of 'libxslt-dev' Note, selecting 'libncurses5-dev' instead of 'ncurses-dev' curl is already the newest version. libpcap-dev is already the newest version. libxml2 is already the newest version. libssl-dev is already the newest version. libpq-dev is already the newest version. screen is already the newest version. libsqlite3-dev is already the newest version. wget is already the newest version. zlib1g is already the newest version. zlib1g-dev is already the newest version. ruby-dev is already the newest version. Some packages could not be installed. This may mean that you have requested an impossible situation or if you are using the unstable distribution that some required packages have not yet been created or been moved out of Incoming. The following information may help to resolve the situation: The following packages have unmet dependencies: libgmp3-dev : Depends: libgmp-dev (= 2:6.0.0+dfsg-6) but 2:6.1.2+dfsg-1 is to be installed libncurses5-dev : Depends: libtinfo5 (= 5.9+20140913-1+deb8u3) but 6.0+20161126-1+deb9u2 is to be installed Depends: libncurses5 (= 5.9+20140913-1+deb8u3) but 6.0+20161126-1+deb9u2 is to be installed Depends: libtinfo-dev (= 5.9+20140913-1+deb8u3) but it is not going to be installed libreadline6-dev : Depends: libtinfo-dev but it is not going to be installed libyaml-dev : Depends: libyaml-0-2 (= 0.1.6-3) but 0.1.7-2 is to be installed E: Unable to correct problems, you have held broken packages. Link to comment Share on other sites More sharing options...
GuitarGuy Posted October 5, 2020 Share Posted October 5, 2020 nvm solved my problems Link to comment Share on other sites More sharing options...
kuyaya Posted October 7, 2020 Share Posted October 7, 2020 On 10/6/2020 at 12:56 AM, GuitarGuy said: nvm solved my problems great to hear 🎉 Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.